Hello!
From a Perl script I need to run this command: https://localhost:10000/virtual-server/remote.cgi?program=list-users&dom...
In perl:
$result = wget -O - --quiet --http-user=root --http-passwd=pass --no-check-certificate 'https://localhost:10000/virtual-server/remote.cgi?program=list-users&domain=mydomain';
But I don't like writing the root password in any script. I would like to setup a new user who could only run remote commands on "mydomain", and in no case who could do anything in other places (other domains, etc).
I tried to use the mydomain account (that is created when I setup the domain in virtualmin) but get a message saying that this user isn't allowed to run remote commands.
How can I do?
Thank you
Hi,
The remote API can only be used by an administrative user. This is because the whole API is exposed, not just domain owner specific features.
Best Regards,Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Solved the problem by calling a script located outside the public directory, so the password shouldn't be available..
You could also add a special user to webmin then give them access to the specific modules needed to get the user list or make whatever necessary changes. It wouldn't be limited to any one particular domain, but at least then you wouldn't have to use root. That's what I did. I added a special account just for virtualmin API calls to add/modify/delete domains/users, get user lists, domain information, server stats, etc.
Webmin -> Webmin Users -> Create new, then Available Modules -> Virtualmin Virtual Servers should be all you need. Everything else can be unchecked. Start with as few features checked as possible. No need to give the account access to any more than is needed. I'd also recommend adding in some IP restrictions just in case someone got that user/pass somehow.